Summer is traditionally a time when the Office of Information Technology rolls out large-scale projects to campus, and 2019 is certainly no exception. This year, many of the projects relate directly to account security at CMU.
Some of these changes will happen behind the scenes, while others will be visible if you’re working over the summer or when you return in the fall. You can find more information about the impacts of these projects below.
Keep an eye on this page for up-to-date information regarding these projects.
Projects that affect everyone
Password complexity and length
As of May 15, Global ID passwords now need to be at least 10 characters in length, with the maximum length raised to 60 characters. Other complexity requirements have not changed, such as passwords over 20 characters requiring no uppercase or special characters. These new password standards will not be required until the next time you change your password.
Multi-factor authentication (MFA)
MFA involves having an app on your phone (or receiving a phone call at a predefined number) to occasionally verify your identity when logging into your email or other Office 365 services. We expect the addition of MFA to significantly reduce the likelihood of your account being compromised.
At this stage, only Office 365 services (email, Office apps, OneDrive, etc.) are compatible with MFA. OIT has been performing some limited pilots for the past several months and expects to complete rolling MFA out to all CMU audiences by the end of summer.
At this stage, MFA is an opt-in service, so this will impact you only if you ask to be added to the service when it launches this summer.
Advanced Threat Protection (ATP)
Microsoft’s ATP provides additional security in CMU’s email system to reduce the risk posed by malicious attachments or links. Attachments are scanned and simulated in a “detonation chamber” to detect virus activity, and links are rewritten to run through an intermediary location to intercept fraudulent activity.
While this change won't require any behavior changes when using your email, it will make some noticeable changes in where hyperlinks go. This changes some of our previous advice on making sure that you use a "skeptical hover," since the link destinations will no longer be cmich.edu locations, so we'll follow up with specific advice as we approach the launch of ATP.
OIT is rolling out Microsoft Teams as a new chat client in accordance with Microsoft’s plans to retire Skype for Business. While we’re focusing on chat/instant messaging initially, Teams offers a ton of other opportunities for holding meetings, sharing files, and otherwise collaborating in a group setting. The Teams desktop client interfaces with many Office 365 services and can act as a central hub for your conversations, cloud storage, Groups, and meetings.
If you're interested in using Teams, you can get ahead of the game and start using it immediately if you have access to install software on your computer. Otherwise, you can just use it in your browser at https://teams.microsoft.com
We'll roll out Teams over the summer and hold training/informational seminars, so keep an eye on your email for further news.
Projects that primarily affect employees
OIT will begin implementing a new Code42 workstation backup solution over the summer to replace our existing Druva backup software. In addition to being added to all faculty/staff workstations, the Code42 backup will allow for more backup space as we continue to increase the available storage.
Our goal is to have as many staff workstations as possible on the new system this summer and start rolling it out to faculty this fall. This process will be largely automatic for most departments. Where any manual work is necessary, your local technicians will be available to help out.
In order to better protect information on devices during travel or in the event of theft/loss, CMU soon will begin encrypting drives on most CMU computers. Encrypting this data means that it cannot be accessed by others without knowing a special password, reducing the chance of data loss or theft.
In combination with our new backup system, this will increase both the security of CMU’s data and our ability to recover it in the event of a ransomware or other compromise.
OIT recently acquired new software that allows for better central management of Mac computers on campus. For the majority of Mac users, this means more consistent software availability. It also lets us handle Global ID logins more consistently than we have in the past.
We're currently applying this to new Mac orders and are rolling it out to existing Macs on campus. If you use a Mac, you'll hear more about this as your rollout date nears.